build: switch to new SDK with openssl

Implements changes from bcressey/bottlerocket-update-operator@4679360b but for testsys.
bottlerocket-os · Oct 15, 2021 · 7611413 · 7611413
1 parent f26553d
commit 7611413
Show file tree

Hide file tree

Showing 8 changed files with 74 additions and 56 deletions.
diff --git a/.cargo/config.toml b/.cargo/config.toml
@@ -0,0 +1,23 @@
+[target.x86_64-bottlerocket-linux-musl]
+linker = "/usr/bin/x86_64-bottlerocket-linux-musl-gcc"
+ar = "/usr/bin/x86_64-bottlerocket-linux-musl-gcc-ar"
+
+rustflags = [
+  "-Ctarget-feature=+crt-static",
+  "-Clink-arg=-Wl,-Bstatic",
+  "-Clink-arg=-lc",
+  "-Clink-arg=-lgcc",
+  "-Clink-arg=-Wl,-z,relro,-z,now",
+]
+
+[target.aarch64-bottlerocket-linux-musl]
+linker = "/usr/bin/aarch64-bottlerocket-linux-musl-gcc"
+ar = "/usr/bin/aarch64-bottlerocket-linux-musl-gcc-ar"
+
+rustflags = [
+  "-Ctarget-feature=+crt-static",
+  "-Clink-arg=-Wl,-Bstatic",
+  "-Clink-arg=-lc",
+  "-Clink-arg=-lgcc",
+  "-Clink-arg=-Wl,-z,relro,-z,now",
+]
diff --git a/.gitignore b/.gitignore
@@ -1 +1,3 @@
 /target/
+/.cargo/*
+!.cargo/config.toml
diff --git a/Dockerfile.sdk_openssl b/Dockerfile.sdk_openssl
diff --git a/Makefile b/Makefile
@@ -1,51 +1,54 @@
+TOP := $(dir $(firstword $(MAKEFILE_LIST)))
+
 .PHONY: build sdk-openssl example-test-agent-image example-resource-agent-image controller-image images sonobuoy-test-agent-image integ-test
 
 UNAME_ARCH=$(shell uname -m)
 ARCH ?= $(lastword $(subst :, ,$(filter $(UNAME_ARCH):%,x86_64:amd64 aarch64:arm64)))
 
-images: controller-image
+export CARGO_HOME = $(TOP)/.cargo
+
+# Fetches crates from upstream
+fetch:
+	cargo fetch --locked
+
+images: fetch controller-image
 
 # Builds, Lints and Tests the Rust workspace
-build:
+build: fetch
 	cargo fmt -- --check
 	cargo build --locked
 	cargo test --locked
 
-# Augment the bottlerocket-sdk image with openssl built with the musl toolchain
-sdk-openssl:
-	docker build $(DOCKER_BUILD_FLAGS) \
-		--build-arg ARCH="$(UNAME_ARCH)" \
-		--tag "bottlerocket-sdk-openssl-$(UNAME_ARCH)" \
-		-f Dockerfile.sdk_openssl .
-
 # Build the container image for the example test-agent program
-example-test-agent-image: sdk-openssl
+example-test-agent-image: fetch
 	docker build $(DOCKER_BUILD_FLAGS) \
 		--build-arg ARCH="$(UNAME_ARCH)" \
 		--tag "example-testsys-agent" \
+		--network none \
 		-f agent/test-agent/examples/example_test_agent/Dockerfile .
 
 # Build the container image for the example resource-agent program
-example-resource-agent-image: sdk-openssl
+example-resource-agent-image: fetch
 	docker build $(DOCKER_BUILD_FLAGS) \
 		--build-arg ARCH="$(UNAME_ARCH)" \
 		--tag "example-resource-agent" \
+		--network none \
 		-f agent/resource-agent/examples/example_resource_agent/Dockerfile .
 
-controller-image: sdk-openssl
+controller-image: fetch
 	docker build $(DOCKER_BUILD_FLAGS) \
 		--build-arg ARCH="$(UNAME_ARCH)" \
 		--tag "testsys-controller" \
 		-f controller/Dockerfile .
 
-sonobuoy-test-agent-image: sdk-openssl
+sonobuoy-test-agent-image: fetch
 	docker build $(DOCKER_BUILD_FLAGS) \
 		--build-arg UNAME_ARCH="$(UNAME_ARCH)" \
 		--build-arg ARCH="$(ARCH)" \
 		--tag "sonobuoy-test-agent" \
 		-f agent/sonobuoy-test-agent/Dockerfile .
 
-integ-test: controller-image example-test-agent-image example-resource-agent-image sonobuoy-test-agent-image
+integ-test: fetch controller-image example-test-agent-image example-resource-agent-image sonobuoy-test-agent-image
 	docker tag example-testsys-agent example-testsys-agent:integ
 	docker tag testsys-controller testsys-controller:integ
 	docker tag example-resource-agent example-resource-agent:integ

diff --git a/agent/resource-agent/examples/example_resource_agent/Dockerfile b/agent/resource-agent/examples/example_resource_agent/Dockerfile
@@ -1,11 +1,16 @@
 ARG ARCH
-FROM bottlerocket-sdk-openssl-${ARCH} as build
+FROM public.ecr.aws/c2b5m1s5/thar-be-a-beta-sdk-${ARCH}:v0.23.0 as build
+
 ARG ARCH
 USER root
-
+# We need these environment variables set for building the `openssl-sys` crate
+ENV PKG_CONFIG_PATH=/${ARCH}-bottlerocket-linux-musl/sys-root/usr/lib/pkgconfig
+ENV PKG_CONFIG_ALLOW_CROSS=1
+ENV CARGO_HOME=/src/.cargo
+ENV OPENSSL_STATIC=true
 ADD ./ /src/
 WORKDIR /src/agent/resource-agent
-RUN cargo install --locked --target ${ARCH}-bottlerocket-linux-musl --path . --example example_resource_agent --root ./
+RUN cargo install --offline --locked --target ${ARCH}-bottlerocket-linux-musl --path . --example example_resource_agent --root ./
 
 FROM scratch
 # Copy CA certificates store

diff --git a/agent/sonobuoy-test-agent/Dockerfile b/agent/sonobuoy-test-agent/Dockerfile
@@ -1,11 +1,16 @@
 ARG UNAME_ARCH
-FROM bottlerocket-sdk-openssl-${UNAME_ARCH} as build
+FROM public.ecr.aws/c2b5m1s5/thar-be-a-beta-sdk-${UNAME_ARCH}:v0.23.0 as build
+
 ARG UNAME_ARCH
 USER root
-
+# We need these environment variables set for building the `openssl-sys` crate
+ENV PKG_CONFIG_PATH=/${UNAME_ARCH}-bottlerocket-linux-musl/sys-root/usr/lib/pkgconfig
+ENV PKG_CONFIG_ALLOW_CROSS=1
+ENV CARGO_HOME=/src/.cargo
+ENV OPENSSL_STATIC=true
 ADD ./ /src/
 WORKDIR /src/agent/sonobuoy-test-agent
-RUN cargo install --locked --target ${UNAME_ARCH}-bottlerocket-linux-musl --path . --root ./
+RUN cargo install --offline --locked --target ${UNAME_ARCH}-bottlerocket-linux-musl --path . --root ./
 
 FROM public.ecr.aws/amazonlinux/amazonlinux:2
 ARG ARCH

diff --git a/agent/test-agent/examples/example_test_agent/Dockerfile b/agent/test-agent/examples/example_test_agent/Dockerfile
@@ -1,11 +1,16 @@
 ARG ARCH
-FROM bottlerocket-sdk-openssl-${ARCH} as build
+FROM public.ecr.aws/c2b5m1s5/thar-be-a-beta-sdk-${ARCH}:v0.23.0 as build
+
 ARG ARCH
 USER root
-
+# We need these environment variables set for building the `openssl-sys` crate
+ENV PKG_CONFIG_PATH=/${ARCH}-bottlerocket-linux-musl/sys-root/usr/lib/pkgconfig
+ENV PKG_CONFIG_ALLOW_CROSS=1
+ENV CARGO_HOME=/src/.cargo
+ENV OPENSSL_STATIC=true
 ADD ./ /src/
 WORKDIR /src/agent/test-agent
-RUN cargo install --locked --target ${ARCH}-bottlerocket-linux-musl --path . --example example_test_agent --root ./
+RUN cargo install --offline --locked --target ${ARCH}-bottlerocket-linux-musl --path . --example example_test_agent --root ./
 
 FROM scratch
 # Copy CA certificates store

diff --git a/controller/Dockerfile b/controller/Dockerfile
@@ -1,11 +1,16 @@
 ARG ARCH
-FROM bottlerocket-sdk-openssl-${ARCH} as build
+FROM public.ecr.aws/c2b5m1s5/thar-be-a-beta-sdk-${ARCH}:v0.23.0 as build
+
 ARG ARCH
 USER root
-
+# We need these environment variables set for building the `openssl-sys` crate
+ENV PKG_CONFIG_PATH=/${ARCH}-bottlerocket-linux-musl/sys-root/usr/lib/pkgconfig
+ENV PKG_CONFIG_ALLOW_CROSS=1
+ENV CARGO_HOME=/src/.cargo
+ENV OPENSSL_STATIC=true
 ADD ./ /src/
 WORKDIR /src/controller
-RUN cargo install --locked --target ${ARCH}-bottlerocket-linux-musl --path . --root ./
+RUN cargo install --offline --locked --target ${ARCH}-bottlerocket-linux-musl --path . --root ./
 
 FROM scratch
 # Copy CA certificates store